<?php

  //connect to database
  @connectToDb($dbServer, $dbAll, $dbAllPW, $dbName);

  //inserts a new record for a customer
  function addCustomerDetails($title, $surname, $given_name, $dob, $address, $post_code, $phone1, $phone2, $card_type1, $card_name1, $card_no1, $card_expiry_date1,  $card_type2, $card_name2, $card_no2, $card_expiry_date2)
  {
    $result = mysql_query("SELECT count(*) FROM customer")or die ('Error: '.mysql_error ());
    $row = mysql_fetch_row($result)or die ('Error: '.mysql_error ());
    $id = $row[0] + 1;

    $sql = "INSERT INTO customer VALUES(".$id.", '".$title."', '".$surname."', '".$given_name."', '".$dob."', '".$address."', ".$post_code.", '".$phone1."', '".$phone2."', '".$card_type1."', '".$card_no1."', '".$card_name1."', '".$card_expiry_date1."', '".$card_type2."', '".$card_no2."', '".$card_name2."', '".$card_expiry_date2."', '')";

    if(mysql_query($sql))
    {
        $_SESSION["customerID"] = $id;
        return true;
    }
    else
    {
        echo $sql;
        return false;
    }
  }

  function lockCustomerTable()
  {
    $sql = "LOCK TABLES customer WRITE";
    if(mysql_query($sql))
    {
        return true;
    }
    else
    {
        return false;
    }
  }
  
  function unlockCustomerTable()
  {
    $sql = "UNLOCK TABLES";
    mysql_query($sql);
  }

  //changes a customer's record
  function updateCustomerDetailsDB($custID, $field, $value)
  {
    $sql = "UPDATE customer SET ".$field." = '".$value."' WHERE customer_no = '".$custID."'";
    if(mysql_query($sql))
    {
        return true;
    }
    else
    {
        return false;
    }
  }

  //retrieves the customer's details
  function checkCustomerDetails($surname, $given_name, $dob, $address, $post_code, $phone)
  {
       $sql = "SELECT * FROM customer WHERE surname = '".$surname."' AND given_name = '".$given_name."' AND date_of_birth = '".$dob."' AND address = '".$address."' AND pcode = '".$post_code."' AND (phone1 = '".$phone."' OR phone2 = '".$phone."')";
       $sql_result = @mysql_query($sql);
       $sql_num = @mysql_numrows($sql_result);

       if($sql_num == 0)
       {
           return true;
       }
       else
       {
           $row = mysql_fetch_row($sql_result)or die ('Error: '.mysql_error ());
           $id = $row[0];
           $_SESSION["customerID"] = $id;
           return false;
       }
  }

  function getCustomerDetailsDB($custID, $field)
  {
      $result = mysql_query("SELECT ".$field." FROM customer WHERE customer_no = '".$custID."'")or die ('Error: '.mysql_error ());
      $row = mysql_fetch_row($result)or die ('Error: '.mysql_error ());
      $data = $row[0];
      return $data;
  }

  function searchCustomerNo($surname, $given_name, $dob, $address, $post_code, $phone)
  {
    $sql = "SELECT customer_no FROM customer WHERE surname='".$surname."' and given_name ='".$given_name."' and date_of_birth = '".$dob."' and address = '".$address."' and pcode = ".$post_code." and (phone1 = '".$phone."' or phone2 = '".$phone."')";

    $sql_result = @mysql_query($sql)or die ('Error: '.mysql_error());

    $row = mysql_fetch_row($sql_result)or die ('Error: '.mysql_error());
    $no = $row[0];

	return $no;

  }

  function getCustomerDetailsDB2($c_no)
  {
    $sql = "SELECT title, phone1, phone2, card_type1, card_no1, card_name1, card_expiry_date1, card_type2, card_no2, card_name2, card_expiry_date2, financial_status FROM customer WHERE customer_no = " . $c_no;

    $sql_result = @mysql_query($sql)or die ('Error: '.mysql_error());

    $sql_num = @mysql_numrows($sql_result);
    
    if($sql_num == 0)
    {
      return "0";
    }
    else
    {
      $row = mysql_fetch_row($sql_result)or die ('Error: '.mysql_error());
    
      return $row;
    }
  }

  function findPreferredDetails($c_no)
  {
    $sql = "SELECT card_type1, card_name1, card_no1, card_expiry_date1 FROM customer WHERE customer_no = " . $c_no;
    $sql_result = @mysql_query($sql);
    $sql_num = @mysql_numrows($sql_result);

    if($sql_num == 0)
    {
      return "0";
    }
    else
    {
      $row = mysql_fetch_row($sql_result)or die ('Error: '.mysql_error());
    
      return $row;
    }
  }
  
  function findAlternateDetails($c_no)
  {
    $sql = "SELECT card_type2, card_name2, card_no2, card_expiry_date2 FROM customer WHERE customer_no = " . $c_no;
    $sql_result = @mysql_query($sql);
    $sql_num = @mysql_numrows($sql_result);

    if($sql_num == 0)
    {
      return "0";
    }
    else
    {
      $row = mysql_fetch_row($sql_result)or die ('Error: '.mysql_error());
    
      return $row;
    }
  }

?>